From b7b07e19459d66c21109bc586767450921dcb4cc Mon Sep 17 00:00:00 2001
From: Eric Blankenhorn
Date: Mon, 15 Feb 2021 11:28:46 -0600
Subject: [PATCH 1/2] Adding wolfSSL_CTX_get_TicketEncCtx
---
 doc/dox_comments/header_files/ssl.h | 21 +++++++++++++++++++++
 src/ssl.c | 8 ++++++++
 wolfssl/ssl.h | 1 +
 3 files changed, 30 insertions(+)
diff --git a/doc/dox_comments/header_files/ssl.h b/doc/dox_comments/header_files/ssl.h
index ea2a4cea3..c91db1441 100644
--- a/doc/dox_comments/header_files/ssl.h
+++ b/doc/dox_comments/header_files/ssl.h
@@ -11214,6 +11214,27 @@ WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int);
 */
 WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*);
+/*!
+ \brief This function gets the session ticket encrypt user context for the
+ callback. For server side use.
+
+ \return userCtx will be returned upon successfully getting the session.
+ \return NULL will be returned on failure. This is caused by
+ passing invalid arguments to the function, or when the user context has
+ not been set.
+
+ \param ctx pointer to the WOLFSSL_CTX object, created
+ with wolfSSL_CTX_new().
+
+ _Example_
+ \code
+ none
+ \endcode
+
+ \sa wolfSSL_CTX_set_TicketEncCtx
+*/
+WOLFSSL_API void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx);
+
 /*!
 \ingroup IO
diff --git a/src/ssl.c b/src/ssl.c
index 14a160dc2..0546993b4 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -2893,6 +2893,14 @@ int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void* userCtx)
 return WOLFSSL_SUCCESS;
 }
+/* get user context - returns userCtx on success, NULL on failure */
+void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx)
+{
+ if (ctx == NULL)
+ return NULL;
+
+ return ctx->ticketEncCtx;
+}
 #endif /* !NO_WOLFSSL_SERVER */
 #if !defined(NO_WOLFSSL_CLIENT)
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index f315b0436..0c81c9b77 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
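Review bot: The comment above `wolfSSL_CTX_get_TicketEncCtx` in the src/ssl.c hunk says NULL means failure, but the function returns `ctx->ticketEncCtx` unchanged, so a NULL result cannot distinguish a NULL `ctx` argument from a context that simply holds a NULL pointer. The getter also hands back the same raw pointer that `wolfSSL_CTX_set_TicketEncCtx` stored, with no copy made here; because this is the context given to the session-ticket encryption callback it may reference ticket key state (not visible in this diff), so callers should be told they receive the stored pointer itself and that nothing in this function synchronises access to it. I would replace the comment with `/* get user context - returns the pointer held in ctx->ticketEncCtx (NULL if none is stored) or NULL when ctx is NULL; the pointer is returned as-is, not copied */`.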
@@ -3261,6 +3261,7 @@ WOLFSSL_API int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, SessionTicketEncCb);
 WOLFSSL_API int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int);
 WOLFSSL_API int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*);
+WOLFSSL_API void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx);
 #endif /* NO_WOLFSSL_SERVER */
From d31f184c494e515609917449b241ce454fe39a4f Mon Sep 17 00:00:00 2001
From: Eric Blankenhorn
Date: Wed, 17 Feb 2021 13:34:38 -0600
Subject: [PATCH 2/2] Adding tests
---
 tests/api.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
diff --git a/tests/api.c b/tests/api.c
index 6b3af3092..6a2283663 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -1748,6 +1748,26 @@ static void test_wolfSSL_CTX_enable_disable(void)
 wolfSSL_CTX_free(ctx);
 #endif /* NO_CERTS */
 }
+
+static void test_wolfSSL_CTX_ticket_API(void)
+{
+#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
+ WOLFSSL_CTX* ctx = NULL;
+ void *userCtx = (void*)"this is my ctx";
+
+ AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+
+ AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(ctx, userCtx));
+ AssertTrue(userCtx == wolfSSL_CTX_get_TicketEncCtx(ctx));
+
+ wolfSSL_CTX_free(ctx);
+
+ AssertIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(NULL, userCtx));
+ AssertNull(wolfSSL_CTX_get_TicketEncCtx(NULL));
+#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */
+}
+
+
 /*----------------------------------------------------------------------------*
 | SSL
 *----------------------------------------------------------------------------*/
@@ -40289,6 +40309,7 @@ void ApiTest(void)
 test_wolfSSL_CTX_SetMinMaxDhKey_Sz();
 test_wolfSSL_CTX_der_load_verify_locations();
 test_wolfSSL_CTX_enable_disable();
+ test_wolfSSL_CTX_ticket_API();
 test_server_wolfSSL_new();
 test_client_wolfSSL_new();
 test_wolfSSL_SetTmpDH_file();
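Review bot: `test_wolfSSL_CTX_ticket_API` never calls the getter before `wolfSSL_CTX_set_TicketEncCtx`, so the "user context has not been set" case that the new doc comment says returns NULL is left unpinned. Whether a freshly created server CTX really yields NULL depends on CTX initialisation outside this diff; if the library pre-populates `ticketEncCtx` with an internal default, the getter would return that internal pointer to the application, which should then be documented rather than described as a failure. I would add a get-before-set check directly after the `AssertNotNull(ctx = wolfSSL_CTX_new(...))` line, for example `AssertNull(wolfSSL_CTX_get_TicketEncCtx(ctx));` if NULL is the intended contract, and correct the doc text if it is not. As a smaller style point, `(void*)"this is my ctx"` aims a writable `void*` at a string literal; a local `char userCtxBuf[] = "this is my ctx";` would avoid that.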